Subprocessors
Last updated: 2026-06-03
Draft — not yet reviewed by legal counsel. This list is maintained alongside the Privacy Policy and is the authoritative record of third parties that process personal data on our behalf.
A subprocessor is a third party we engage to process personal data on our behalf when delivering the Service. We require each subprocessor to provide at least the level of data protection required of us under the applicable privacy laws, through binding contractual terms.
We notify users of material changes to this list — by email, in the dashboard, or via an in-Claude notice — before the change takes effect, where reasonably possible.
Current subprocessors
| Subprocessor | Service | Personal data processed | Region(s) | Transfer mechanism |
|---|---|---|---|---|
| Cloudflare, Inc. | Hosting, CDN, edge compute (Workers), object storage (R2), database (D1), vector store (Vectorize), key-value (KV), AI inference (Workers AI), DDoS protection | All categories — account info, site content, profile, embeddings, technical logs | Global edge network (incl. US, EU, UK, India) | EU/UK SCCs + Cloudflare DPA; India DPDP-compliant terms |
| WorkOS, Inc. | Authentication / OIDC brokering (Google, Microsoft, Apple sign-in) | Email address, identity-provider account ID, sign-in timestamps | United States | EU/UK SCCs (Cloudflare DPA model); WorkOS DPA |
| Paddle.com Market Limited | Merchant of record: payment processing, tax collection and remittance, invoicing | Billing email, country, payment instrument (stored by Paddle, not us), subscription record | United Kingdom (HQ); global processing | UK ICO-recognised + EU SCCs; Paddle DPA |
| Anthropic, PBC | Claude is the AI host that calls our Service through MCP. We do not actively send user data to Anthropic — the data flow is initiated by the user through Claude. Listed for transparency. | Whatever the user provides to Claude in their own conversation (we don't control this) | United States | Governed by user's own relationship with Anthropic |
| Resend, Inc. | Transactional email delivery (account, billing, security notifications) | Email address, message content of transactional emails | United States | EU/UK SCCs; Resend DPA |
| Sentry (Functional Software, Inc.) | Application error monitoring, with PII scrubbing | Error stack traces, request metadata, IP address (scrubbed where reasonably possible) | United States | EU/UK SCCs; Sentry DPA |
| [Statuspage / Atlassian] | Public status page for incidents and uptime communication | Subscriber email addresses (only if user opts in to status alerts) | United States | EU/UK SCCs; Atlassian DPA |
A note on Anthropic
Anthropic is the maker of Claude. When you use the Service, you are using Claude as your interface to our connector. Anthropic processes the conversation you have with Claude under Anthropic's own privacy policy and your relationship with them — not as our subprocessor.
We list Anthropic on this page for full transparency, but Anthropic does not act as our subprocessor in the GDPR / DPDP sense.
A note on Stripe
If you use a payment method or feature processed by Stripe, Inc. alongside Paddle (for example, a legacy subscription created before we migrated to Paddle, or a non-MoR payment flow), Stripe is also a subprocessor for that subset of users. Stripe's processing is governed by Stripe's DPA and the EU/UK SCCs. [Confirm with engineering whether Stripe remains in production after Paddle launch — see billing-and-tiers-runbook.md.]
Sub-subprocessors
Our subprocessors may engage their own sub-subprocessors. Each is contractually required to flow down the same protections we require. We do not maintain a separate list of sub-subprocessors; current lists are maintained by each subprocessor and linked to from this page where available:
- Cloudflare: https://www.cloudflare.com/cloudflare-subprocessors/
- Paddle: https://www.paddle.com/legal/dpa (subprocessor schedule)
- WorkOS: https://workos.com/legal/subprocessors
- Resend: https://resend.com/legal/dpa
- Sentry: https://sentry.io/legal/subprocessors/
Adding a new subprocessor
We add a subprocessor only when we have a clear operational need and a contractual data-processing arrangement in place that meets the standard required by the privacy laws applicable to the data being processed.
Before a new subprocessor goes live with access to personal data: 1. It is recorded in this list with effective date, region, and the categories of data it will process; 2. We update the "Last updated" date above; 3. We notify users of material changes (typically at least 30 days in advance), giving you an opportunity to object before the change takes effect. If you object, you can close your account and request data export per the Privacy Policy.
Contact
If you have questions about any subprocessor on this list, write to privacy@itsmysite.ai or to our Data Protection Officer at dpo@itsmysite.ai (EU/UK) or dpo-in@itsmysite.ai (India).